Malicious actors can take advantage of “insufficient” forensic visibility into Google Cloud Platform (GCP) to exfiltrate sensitive data, a new research has found.
“Unfortunately, GCP does not provide the level of visibility in its storage logs that is needed to allow any effective forensic investigation, making organizations blind to potential data exfiltration attacks,” cloud incident response firm Mitiga said in a report.
The attack banks on the prerequisite that the adversary is able to gain control of an identity and access management (IAM) entity in the targeted organization by methods like social engineering to access the GCP environment.
